package com.csthink.web.infrastructure.filter;

import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * 使用传统 Session 来判断用户是否登录
 *
 * @author <a href="mailto:security.2009@live.cn">Mars</a>
 * @since 2023-09-10
 */
//@Component
//public class LoginSessionFilter extends OncePerRequestFilter {
//
//    @Override
//    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
//        // 简单的白名单，登录这个接口直接放行
//        if ("/login".equals(request.getRequestURI())) {
//            filterChain.doFilter(request, response);
//            return;
//        }
//
//        // 已登录就放行
//        User user = (User) request.getSession().getAttribute("user");
//        if (user != null) {
//            filterChain.doFilter(request, response);
//            return;
//        }
//
//        // 走到这里就代表是其他接口，且没有登录
//        // 设置响应数据类型为json（前后端分离）
//        response.setContentType("application/json;charset=utf-8");
//        PrintWriter out = response.getWriter();
//        // 设置响应内容，结束请求
//        out.write("请先登录");
//        out.flush();
//        out.close();
//    }
//}
